CNNVD-202508-1054 Information
CNNVD ID
CNNVD-202508-1054
Related CVE
- CNNVD Published: 2025-08-12
Description (Chinese)
Ivanti Connect Secure(ICS)等都是美国Ivanti公司的产品。Ivanti Connect Secure是一款安全远程网络连接工具。Ivanti Policy Secure(IPS)是一个网络访问控制 (NAC) 解决方案。Ivanti ZTA Gateway是一个网络访问软件中的组件。 Ivanti多款产品存在缓冲区错误漏洞,该漏洞源于缓冲区过度读取,可能导致拒绝服务。以下产品和版本受到影响:Ivanti Connect Secure 22.7R2.8之前版本或22.8R2之前版本、Ivanti Policy Secure 22.7R1.5之前版本、Ivanti ZTA Gateway 2.8R2.3-723之前版本和Ivanti Neurons for Secure Access 22.8R1.4之前版本。
Description (English)
Ivanti Connect Security (ICS) and others are products of the American company Ivanti. Ivanti Contact Security is a secure remote network connection tool. Ivanti Policy Security is a web access control (NAC) solution. Ivanti ZTA Gateway is a component of a network access software. There is an error loophole in the buffer zone for a number of Ivanti products, which stems from overreading the buffer zone and may lead to the denial of services. The following products and versions have been affected: previous versions of Ivanti Contact 22.7R2.8 or 22.8R2, previous versions of Ivanti Policy 22.7R1.5, previous versions of Ivanti ZTA Gateway 2.8R2.3-723 and previous versions of Ivanti Neurons for Security 22.8R1.4.
Hazard Level
Medium
Vulnerability Type
缓冲区错误
Affected Vendor
Ivanti
Published
2025-08-12
Last Modified
2026-02-24